Multiple Roles per User <= 1.0 - Missing Authorization to Authenticated (Custom+) Privilege Escalation

jemoreto Multiple Roles per User

Premmerce Wholesale Pricing for WooCommerce <= 1.1.10 - Authenticated (Subscriber+) SQL Injection

premmerce Premmerce Wholesale Pricing for WooCommerce

A stack buffer overflow vulnerability exists in the Supermicro BMC Web function(SSL).

SMCI X13SEDW-F

Stack buffer overflow vulnerability exists in the Supermicro BMC Shared library

SMCI MBD-X13SEDW-F

Malicious Code Execution Vulnerability in Setting and Operation Application for Lighting Control System MILCO.S

Mitsubishi Electric Corporation MILCO.S Setting Application Mitsubishi Electric Corporation MILCO.S Setting Application (IR) +2个

VK All in One Expansion Unit <= 9.112.1 - Authenticated (Contributor+) Stored Cross-Site Scripting

kurudrive VK All in One Expansion Unit

VK All in One Expansion Unit <= 9.112.1 - Authenticated (Contributor+) Stored Cross-Site Scripting

kurudrive VK All in One Expansion Unit

A stack buffer overflow vulnerability exists in the Supermicro BMC Web function

SMCI MBD-X13SEDW-F

Supermicro BMC SMASH services has a Stack-based buffer overflow vulnerability

SMCI MBD-X13SEDW-F

Post Type Switcher <= 4.0.0 - Insecure Direct Object Reference to Authenticated (Author+) Post Type Change

johnjamesjacoby Post Type Switcher

In bta_hf_client_cb_init of bta_hf_client_main.cc, there is a possible remote code execution due to ...

Google Android Google Android +6个

Gravity Forms <= 2.9.21.1 - Unauthenticated Arbitrary File Upload via Legacy Chunked Upload

Gravity Forms Gravity Forms

Missing Release of Resource after Effective Lifetime (CWE-772) in the T21 Reader allows an attacker ...

Gallagher T21 Reader

Incorrect Usage of Seeds in Pseudo-Random Number Generator (CWE- 335) vulnerability in the High Sec ...

Gallagher High Sec End of Line Module

Observable Timing Discrepancy (CWE-208) in HBUS devices may allow an attacker with physical access t...

Gallagher HBUS Devices

A post-authentication command injection vulnerability in the "priv" parameter of Zyxel DX3300-T0 fir...

Zyxel DX3300-T0 firmware zyxel dm4200-b0_firmware +53个

An uncontrolled resource consumption vulnerability in the web server of Zyxel DX3301-T0 firmware ver...

Zyxel DX3301-T0 firmware zyxel lte3301-plus_firmware +65个

The Mac App Store distribution of the Canva for Mac desktop app before 1.117.1 was built without Har...

Canva Canva

itsourcecode Student Information System enrollment_edit1.php sql injection

itsourcecode Student Information System facebook-julykringcadayona student_information_system

code-projects Simple Pizza Ordering System listorder.php sql injection

code-projects Simple Pizza Ordering System carmelo simple_pizza_ordering_system